package com.jueling.culture.core.interceptor;


import com.jueling.culture.exception.PermissionException;
import com.jueling.culture.model.UserAuthority;
import com.jueling.culture.model.UserInfo;
import com.jueling.culture.support.annotation.RequiredPermission;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.List;

/**
 * @author: linp
 * @time: 2019/6/13 9:13
 */
@Component
public class PermissionHandlerInterceptorAdapter extends HandlerInterceptorAdapter {

    /**
     * 查看权限
     */
    private static final String PERMISSION_VIEW = "view";

    /**
     * 编辑权限
     */
    private static final String PERMISSION_EDIT = "edit";

    /**
     * 权限数组长度
     */
    private static final Integer PERMISSION_LENGTH = 2;

    /**
     * 权限拦截器
     *
     * @param request
     * @param response
     * @param handler
     * @return
     * @throws Exception
     */

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        if (handler instanceof HandlerMethod) {
            HandlerMethod handlerMethod = (HandlerMethod) handler;
            //获取方法上的注解
            RequiredPermission annotation = handlerMethod.getMethod().getAnnotation(RequiredPermission.class);
            //如果方法上没有注解，就获取类上的注解
            if (annotation == null) {
                annotation = handlerMethod.getMethod().getDeclaringClass().getAnnotation(RequiredPermission.class);
            }
            //如果有注解就判断权限
            if (annotation != null) {
                //获取注解上的authorityCode
                String code = annotation.authorityCodeEnum().getCode();
                //获取注解上的permission
                Boolean isView = annotation.view();
                Boolean isEdit = annotation.edit();

                //获取登录用户
                UserInfo userInfo = UserInfo.currentUser.get();
                //获取用户的authorityCode和permission
                List<UserAuthority> userAuthorityList = userInfo.getUserAuthority();

                String userPermission = "";
                for (UserAuthority userAuthority : userAuthorityList) {
                    if (userAuthority.getAuthorityCode().equals(code)) {
                        userPermission = userAuthority.getPermissions();
                    }
                }
                //获取权限数组
                String[] userPermissionArray = userPermission.split(",");
                //需要view权限
                if (isView) {
                    if (PERMISSION_VIEW.equals(userPermissionArray[0])) {
                        return true;
                    }
                    throw new PermissionException("没有查看权限");
                }
                //需要edit权限
                if (isEdit) {
                    if (PERMISSION_EDIT.equals(userPermissionArray[0])) {
                        return true;
                    }
                    if (userPermissionArray.length == PERMISSION_LENGTH && PERMISSION_EDIT.equals(userPermissionArray[1])) {
                        return true;
                    }
                    throw new PermissionException("没有编辑权限");
                }
            }
        }
        return true;
    }
}
